Vulnerabilities > IBM > Aspera Faspex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-05 | CVE-2024-45096 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. | 6.5 |
| 2024-09-05 | CVE-2024-45097 | Interpretation Conflict vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | 7.1 |
| 2024-09-05 | CVE-2024-45098 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification. | 8.1 |
| 2024-04-19 | CVE-2022-40745 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. | 5.5 |
| 2024-04-19 | CVE-2023-27279 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. | 6.5 |
| 2024-04-19 | CVE-2023-37397 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. | 4.4 |
| 2024-02-02 | CVE-2022-40744 | Cross-site Scripting vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-09-08 | CVE-2022-22401 | Missing Encryption of Sensitive Data vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. | 7.5 |
| 2023-09-08 | CVE-2022-22402 | Cross-site Scripting vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. | 5.4 |
| 2023-09-08 | CVE-2022-22409 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. | 5.3 |